summaryrefslogtreecommitdiffstats
path: root/tools
diff options
context:
space:
mode:
authorGravatar Nikias Bassen2021-07-27 03:36:45 +0200
committerGravatar Nikias Bassen2021-07-27 03:36:45 +0200
commitab1c815340afc2883c9ef08795eebd9bed1858c5 (patch)
treea188e92dfdff14e501bf42b5d880155468cffbdd /tools
parent19eca85f90d9950596e1c6021d7b0f89407f5d7f (diff)
downloadlibimobiledevice-ab1c815340afc2883c9ef08795eebd9bed1858c5.tar.gz
libimobiledevice-ab1c815340afc2883c9ef08795eebd9bed1858c5.tar.bz2
Add support for MbedTLS
Diffstat (limited to 'tools')
-rw-r--r--tools/Makefile.am16
-rw-r--r--tools/idevicebackup.c137
2 files changed, 65 insertions, 88 deletions
diff --git a/tools/Makefile.am b/tools/Makefile.am
index 04a5faa..b78f3f2 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
@@ -4,18 +4,10 @@ AM_CPPFLAGS = \
AM_CFLAGS = \
$(GLOBAL_CFLAGS) \
- $(libgnutls_CFLAGS) \
- $(libtasn1_CFLAGS) \
- $(libgcrypt_CFLAGS) \
- $(openssl_CFLAGS) \
$(libplist_CFLAGS) \
$(LFS_CFLAGS)
AM_LDFLAGS = \
- $(libgnutls_LIBS) \
- $(libtasn1_LIBS) \
- $(libgcrypt_LIBS) \
- $(openssl_LIBS) \
$(libplist_LIBS)
bin_PROGRAMS = \
@@ -49,8 +41,8 @@ idevicename_LDFLAGS = $(AM_LDFLAGS)
idevicename_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la
idevicepair_SOURCES = idevicepair.c
-idevicepair_CFLAGS = -I$(top_srcdir) $(AM_CFLAGS)
-idevicepair_LDFLAGS = $(AM_LDFLAGS) $(libusbmuxd_LIBS)
+idevicepair_CFLAGS = -I$(top_srcdir) $(AM_CFLAGS) $(ssl_lib_CFLAGS)
+idevicepair_LDFLAGS = $(AM_LDFLAGS) $(libusbmuxd_LIBS) $(ssl_lib_LIBS)
idevicepair_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la $(top_builddir)/common/libinternalcommon.la
idevicesyslog_SOURCES = idevicesyslog.c
@@ -64,8 +56,8 @@ idevice_id_LDFLAGS = $(AM_LDFLAGS)
idevice_id_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la
idevicebackup_SOURCES = idevicebackup.c
-idevicebackup_CFLAGS = $(AM_CFLAGS)
-idevicebackup_LDFLAGS = $(AM_LDFLAGS)
+idevicebackup_CFLAGS = $(AM_CFLAGS) $(ssl_lib_CFLAGS)
+idevicebackup_LDFLAGS = $(AM_LDFLAGS) $(ssl_lib_LIBS)
idevicebackup_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la $(top_builddir)/common/libinternalcommon.la
idevicebackup2_SOURCES = idevicebackup2.c
diff --git a/tools/idevicebackup.c b/tools/idevicebackup.c
index dfd7b8b..8d0f74b 100644
--- a/tools/idevicebackup.c
+++ b/tools/idevicebackup.c
@@ -31,10 +31,20 @@
#include <errno.h>
#include <stdlib.h>
#include <signal.h>
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL)
#include <openssl/sha.h>
-#else
+#elif defined(HAVE_GNUTLS)
#include <gcrypt.h>
+#elif defined(HAVE_MBEDTLS)
+#include <mbedtls/sha1.h>
+#if MBEDTLS_VERSION_NUMBER < 0x03000000
+#define mbedtls_sha1 mbedtls_sha1_ret
+#define mbedtls_sha1_starts mbedtls_sha1_starts_ret
+#define mbedtls_sha1_update mbedtls_sha1_update_ret
+#define mbedtls_sha1_finish mbedtls_sha1_finish_ret
+#endif
+#else
+#error No supported crypto library enabled
#endif
#include <unistd.h>
#include <ctype.h>
@@ -78,10 +88,12 @@ enum device_link_file_status_t {
static void sha1_of_data(const char *input, uint32_t size, unsigned char *hash_out)
{
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL)
SHA1((const unsigned char*)input, size, hash_out);
-#else
+#elif defined(HAVE_GNUTLS)
gcry_md_hash_buffer(GCRY_MD_SHA1, hash_out, input, size);
+#elif defined(HAVE_MBEDTLS)
+ mbedtls_sha1((unsigned char*)input, size, hash_out);
#endif
}
@@ -96,12 +108,24 @@ static int compare_hash(const unsigned char *hash1, const unsigned char *hash2,
return 1;
}
+static void _sha1_update(void* context, const char* data, size_t len)
+{
+#if defined(HAVE_OPENSSL)
+ SHA1_Update(context, data, len);
+#elif defined(HAVE_GNUTLS)
+ gcry_md_write(context, data, len);
+#elif defined(HAVE_MBEDTLS)
+ mbedtls_sha1_update(context, (const unsigned char*)data, len);
+#endif
+}
+
static void compute_datahash(const char *path, const char *destpath, uint8_t greylist, const char *domain, const char *appid, const char *version, unsigned char *hash_out)
{
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL)
SHA_CTX sha1;
SHA1_Init(&sha1);
-#else
+ void* psha1 = &sha1;
+#elif defined(HAVE_GNUTLS)
gcry_md_hd_t hd = NULL;
gcry_md_open(&hd, GCRY_MD_SHA1, 0);
if (!hd) {
@@ -109,102 +133,63 @@ static void compute_datahash(const char *path, const char *destpath, uint8_t gre
return;
}
gcry_md_reset(hd);
+ void* psha1 = hd;
+#elif defined(HAVE_MBEDTLS)
+ mbedtls_sha1_context sha1;
+ mbedtls_sha1_init(&sha1);
+ mbedtls_sha1_starts(&sha1);
+ void* psha1 = &sha1;
#endif
FILE *f = fopen(path, "rb");
if (f) {
unsigned char buf[16384];
size_t len;
while ((len = fread(buf, 1, 16384, f)) > 0) {
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, buf, len);
-#else
- gcry_md_write(hd, buf, len);
-#endif
+ _sha1_update(psha1, (const char*)buf, len);
}
fclose(f);
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, destpath, strlen(destpath));
- SHA1_Update(&sha1, ";", 1);
-#else
- gcry_md_write(hd, destpath, strlen(destpath));
- gcry_md_write(hd, ";", 1);
-#endif
+ _sha1_update(psha1, destpath, strlen(destpath));
+ _sha1_update(psha1, ";", 1);
+
if (greylist == 1) {
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, "true", 4);
-#else
- gcry_md_write(hd, "true", 4);
-#endif
+ _sha1_update(psha1, "true", 4);
} else {
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, "false", 5);
-#else
- gcry_md_write(hd, "false", 5);
-#endif
+ _sha1_update(psha1, "false", 5);
}
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, ";", 1);
-#else
- gcry_md_write(hd, ";", 1);
-#endif
+ _sha1_update(psha1, ";", 1);
+
if (domain) {
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, domain, strlen(domain));
-#else
- gcry_md_write(hd, domain, strlen(domain));
-#endif
+ _sha1_update(psha1, domain, strlen(domain));
} else {
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, "(null)", 6);
-#else
- gcry_md_write(hd, "(null)", 6);
-#endif
+ _sha1_update(psha1, "(null)", 6);
}
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, ";", 1);
-#else
- gcry_md_write(hd, ";", 1);
-#endif
+ _sha1_update(psha1, ";", 1);
+
if (appid) {
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, appid, strlen(appid));
-#else
- gcry_md_write(hd, appid, strlen(appid));
-#endif
+ _sha1_update(psha1, appid, strlen(appid));
} else {
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, "(null)", 6);
-#else
- gcry_md_write(hd, "(null)", 6);
-#endif
+ _sha1_update(psha1, "(null)", 6);
}
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, ";", 1);
-#else
- gcry_md_write(hd, ";", 1);
-#endif
+ _sha1_update(psha1, ";", 1);
+
if (version) {
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, version, strlen(version));
-#else
- gcry_md_write(hd, version, strlen(version));
-#endif
+ _sha1_update(psha1, version, strlen(version));
} else {
-#ifdef HAVE_OPENSSL
- SHA1_Update(&sha1, "(null)", 6);
-#else
- gcry_md_write(hd, "(null)", 6);
-#endif
+ _sha1_update(psha1, "(null)", 6);
}
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL)
SHA1_Final(hash_out, &sha1);
-#else
+#elif defined(HAVE_GNUTLS)
unsigned char *newhash = gcry_md_read(hd, GCRY_MD_SHA1);
memcpy(hash_out, newhash, 20);
+#elif defined(HAVE_MBEDTLS)
+ mbedtls_sha1_finish(&sha1, hash_out);
#endif
}
-#ifndef HAVE_OPENSSL
+#if defined(HAVE_GNUTLS)
gcry_md_close(hd);
+#elif defined(HAVE_MBEDTLS)
+ mbedtls_sha1_free(&sha1);
#endif
}